Windows 8.1
by Microsoft
CVEs (1,654)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0711 | Med | 0.44 | 6.8 | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… | ||
| CVE-2019-0710 | Med | 0.44 | 6.8 | 0.02 | Jun 12, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,… | ||
| CVE-2018-3639 | Med | 0.44 | 5.5 | 0.61 | May 22, 2018 | Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,… | ||
| CVE-2017-8628 | Med | 0.44 | 6.8 | 0.02 | Sep 13, 2017 | Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability". | ||
| CVE-2016-7210 | Med | 0.44 | 6.5 | 0.21 | Nov 10, 2016 | atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2016-3374 | Med | 0.44 | 6.5 | 0.26 | Sep 14, 2016 | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a… | ||
| CVE-2016-3370 | Med | 0.44 | 6.5 | 0.22 | Sep 14, 2016 | The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a… | ||
| CVE-2016-3201 | Med | 0.44 | 6.5 | 0.24 | Jun 16, 2016 | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different… | ||
| CVE-2016-0133 | Med | 0.44 | 6.8 | 0.01 | Mar 9, 2016 | The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by… | ||
| CVE-2016-0049 | Med | 0.44 | 6.2 | 0.13 | Feb 10, 2016 | Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying… | ||
| CVE-2023-21560 | Med | 0.43 | 6.6 | 0.01 | Jan 10, 2023 | Windows Boot Manager Security Feature Bypass Vulnerability | ||
| CVE-2022-38032 | Med | 0.43 | 6.6 | 0.01 | Oct 11, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2022-30205 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Group Policy Elevation of Privilege Vulnerability | ||
| CVE-2022-22023 | Med | 0.43 | 6.6 | 0.01 | Jul 12, 2022 | Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | ||
| CVE-2021-43216 | Med | 0.43 | 6.5 | 0.03 | Dec 15, 2021 | Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability | ||
| CVE-2021-28323 | Med | 0.43 | 6.5 | 0.04 | Apr 13, 2021 | Windows DNS Information Disclosure Vulnerability | ||
| CVE-2021-1679 | Med | 0.43 | 6.5 | 0.03 | Jan 12, 2021 | Windows CryptoAPI Denial of Service Vulnerability | ||
| CVE-2020-1097 | Med | 0.43 | 6.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2020-1091 | Med | 0.43 | 6.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple… | ||
| CVE-2019-1025 | Med | 0.43 | 6.5 | 0.05 | Jun 12, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected… |
- risk 0.44cvss 6.8epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
- risk 0.44cvss 6.8epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system,…
- risk 0.44cvss 5.5epss 0.61
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis,…
- risk 0.44cvss 6.8epss 0.02
Microsoft Bluetooth Driver in Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703 allows a spoofing vulnerability due to Microsoft's implementation of the Bluetooth stack, aka "Microsoft Bluetooth Driver Spoofing Vulnerability".
- risk 0.44cvss 6.5epss 0.21
atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.44cvss 6.5epss 0.26
The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a…
- risk 0.44cvss 6.5epss 0.22
The PDF library in Microsoft Edge, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information via a crafted web site, aka "PDF Library Information Disclosure Vulnerability," a…
- risk 0.44cvss 6.5epss 0.24
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka "Windows PDF Information Disclosure Vulnerability," a different…
- risk 0.44cvss 6.8epss 0.01
The USB Mass Storage Class driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows physically proximate attackers to execute arbitrary code by…
- risk 0.44cvss 6.2epss 0.13
Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 does not properly validate password changes, which allows remote attackers to bypass authentication by deploying…
- risk 0.43cvss 6.6epss 0.01
Windows Boot Manager Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Group Policy Elevation of Privilege Vulnerability
- risk 0.43cvss 6.6epss 0.01
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability
- risk 0.43cvss 6.5epss 0.03
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.04
Windows DNS Information Disclosure Vulnerability
- risk 0.43cvss 6.5epss 0.03
Windows CryptoAPI Denial of Service Vulnerability
- risk 0.43cvss 6.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.04
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple…
- risk 0.43cvss 6.5epss 0.05
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…
Page 54 of 83